No Crew to Kidnap: How Autonomy Rewrites Maritime Security Risk

WEEK 16 | APRIL 2026

In June 2021, Ocean Infinity acquired Ambrey. On the surface, a straightforward corporate transaction: a maritime technology company buying a security consultancy. Look closer and it’s something else entirely.

Ambrey was founded in 2010 in Hereford, UK, by ex-British military personnel at the peak of the Somali piracy crisis. Its core business was simple and brutal: put armed guards on ships so pirates couldn’t take the crew hostage. By the time Ocean Infinity bought it, Ambrey had grown into one of the world’s largest maritime security firms, protecting more vessels than almost any competitor. Ocean Infinity, meanwhile, had just completed construction of the first vessels in what would become the world’s largest commercial fleet of lean-crewed autonomous offshore ships.

One company’s corporate history maps perfectly onto the transformation this piece is about. The threat model that built Ambrey is becoming obsolete. The world Ocean Infinity is building has no equivalent security architecture to replace it.

That gap, legal, doctrinal, and financial, is what this deep dive is about.

Between 2008 and 2012, Somali pirates took roughly 3,741 crew members of 125 nationalities hostage across 125 vessels. They collected between $339 million and $413 million in ransoms, the World Bank’s best estimate from its 2013 analysis of the crisis. Average ransom in 2011: approximately $5 million per vessel. Average negotiation duration: 178 days. The single largest payment: $13.5 million for the Greek-owned VLCC Irene SL.

The international community’s response to this was comprehensive, coordinated, and entirely human-centric.

Best Management Practices evolved from BMP1 in 2009 through BMP5 in 2018, formalising citadel protocols, transit corridor procedures, and the conditions under which armed guards could operate. The IMO’s guidance on Privately Contracted Armed Security Personnel followed in 2011, a framework developed specifically because the major maritime organisations had previously opposed armed guards aboard merchant ships. The UK announced authorisation for armed guards on October 30, 2011. Germany followed in March 2013. Within two years of peak piracy, the industry had built an entire private security ecosystem from scratch.

By all available accounts, no ship with armed guards was ever successfully hijacked during the Somali piracy era. The combination of BMP compliance, naval presence from EU NAVFOR Atalanta and NATO Ocean Shield, and the deterrent effect of armed security teams broke the business model. Piracy collapsed after 2012. The Indian Ocean High Risk Area designation was lifted in January 2023.

The Gulf of Guinea then demonstrated that the human-centric model was the model, not just one option among many. West African piracy operates on a different economics: not ship-and-crew ransoms held for months, but kidnap-for-ransom targeting the two to six most valuable crew members, typically the master and chief engineer, held ashore in the Niger Delta for three to eight weeks at $30,000 to $100,000 per group. In 2020, the Gulf of Guinea accounted for over 95% of maritime kidnappings globally. By 2021, it accounted for 100%.

Different geography, different tactics, identical logic. Crew are the target because crew have ransom value. Armed guards, citadels, naval escorts, emergency satellite communications: everything the maritime security industry built assumes humans aboard who need protecting, rescuing, or ransoming.

Remove the crew and the entire architecture has nothing to protect.

On the night of August 29, 2022, the IRGCN support ship Shahid Baziar was observed towing a US Navy Saildrone Explorer unmanned surface vessel through the central Persian Gulf. USS Thunderbolt and an MH-60S helicopter responded. After four hours, the Iranians cut the tow line and departed.

Three days later, Iranian Navy frigate IRIS Jamaran seized two more Saildrone Explorers in the Red Sea. Iranian sailors initially concealed the drones under tarps and denied holding them. US destroyers USS Nitze and USS Delbert D. Black arrived, established radio contact, and negotiated the return. The Saildrones were released approximately 20 hours after seizure. Iranian state television broadcast footage of crew pushing the vessels off the Jamaran’s deck.

Iran’s stated justification: the autonomous vessels posed a danger to safe navigation. A customary duty of mariners, they argued, is to remove hazards from shipping lanes. With no crew aboard, nobody could dispute the claim in the moment. With no master to hail, nobody could identify the vessel, confirm its status, or assert its rights. The US Navy’s entire response depended on crewed destroyers arriving quickly enough to compel release through sheer proximity.

That response mechanism, sending a warship, is not available to commercial operators. It is not a scalable solution.

The Saildrone incidents were the clearest demonstration yet of what the new attack surface looks like. Remove the crew, and you remove the ransom leverage that defined Somali-era piracy. You also remove every layer of situational awareness, judgment, and resistance that stood between the vessel and those who would interfere with it.

Hormuz has been a GPS warfare zone for years. In 2019, the UK tanker Stena Impero was seized by Iran; analysts concluded GPS spoofing was likely involved in redirecting the vessel into Iranian waters, with US defence officials later confirming Iran had deployed GPS jammers on Abu Musa Island for exactly this purpose.

The 2025 to 2026 Hormuz crisis intensified this dramatically. GPS interference has affected thousands of vessels, with supertankers appearing to navigation systems to be circling over dry land. One commercial analytics provider, Windward, recorded more than 5,000 unique vessels experiencing GPS or AIS interference across a single quarter of 2025, with other datasets showing similar scale.

For a crewed vessel, an experienced master reconciles GPS readings against radar returns, visual landmarks, depth soundings, and crucially, the accumulated professional judgment of a human who knows when something is wrong. For a Level 4 autonomous system operating in a geofenced transit corridor, spoofed GPS coordinates that place the vessel somewhere it is not represent an instruction, not an anomaly. The system acts on the data it receives. Compelling it into Iranian territorial waters requires a laptop and a signal, not a boarding party.

The 2017 Black Sea mass spoofing event — in which over 20 vessels simultaneously reported GPS positions at Gelendzhik Airport, 25 nautical miles from their actual locations — was assessed by the C4ADS research group as almost certainly a by-product of Russian military drone countermeasures protecting VIP movements. The maritime disruption was incidental. Future actors targeting autonomous vessels specifically would not be incidental.

The maritime sector’s cyber vulnerability record is not theoretical. NotPetya reached Maersk in June 2017 through a Ukrainian tax software update. Within hours, every internet-connected device across the company was compromised. Rebuilding 4,000 servers, 45,000 PCs, and 2,500 applications took ten days. Cost: $250 to $300 million. In July 2023, ransomware shut down all container operations at the Port of Nagoya, Japan’s largest, for two days. In 2025, a hacktivist group disconnected 116 tankers from the internet simultaneously by wiping VSAT partitions, cutting all communications, including ship-to-shore VOIP.

One industry survey found that reported maritime cyberattacks roughly doubled between 2024 and 2025, with ransomware incidents rising by around 150%. None of these incidents specifically involved autonomous vessels. But the progression matters: attacks on maritime infrastructure are becoming more frequent, more sophisticated, and more targeted at the communication and control systems that autonomous vessels depend on entirely.

Beyond cyber intrusion and GPS spoofing, there is a class of threat that requires no signal path into the vessel’s systems at all. High-power microwave weapons, directed energy systems that target electronics directly, are now operationally tested against autonomous surface vessels.

In 2024, the US Navy tested Epirus’ Leonidas HPM system at ANTX-CT24, specifically evaluating its ability to temporarily disable small vessels, including when mounted on uncrewed platforms. In April 2025, Epirus introduced Leonidas H2O, and in ANTX-CT24 Coastal Trident trials, the prototype disrupted four commercially available 40 to 90 horsepower boat engines at tactically relevant ranges, in some cases from an uncrewed platform.

This is not a future capability. The DoD spent years and tens of millions of dollars developing a non-kinetic vessel-stopping solution without fielding one, then a commercial defence company demonstrated it against real vessels in Navy trials. The threat cuts both ways: what the Navy is developing to stop adversary autonomous vessels, adversaries can develop to stop ours.

The key point for commercial autonomous operators is that HPM bypasses the air-gap defence entirely. Hardened against cyber intrusion, isolated from GPS dependency, running on redundant sensors: none of that matters if the vessel’s electronics can be disrupted from range without any communication link. Large naval vessels benefit from steel hull construction that provides natural electromagnetic shielding. A fibreglass-hulled commercial autonomous vessel running commercial off-the-shelf electronics does not.

Here is the scenario that does not appear in any published security analysis, but should.

A Level 4 autonomous vessel running COLREGS-compliant collision avoidance encounters an obstacle in its transit corridor. It does what it is designed to do: stop, or manoeuvre around within its programmed parameters. It does not escalate. It does not call for help. It does not override its safety protocols because a human has assessed the situation and concluded that a blocked channel is a hostile act rather than a navigational hazard.

Iran does not need missiles to stop an autonomous tanker in Hormuz. They need a fishing boat and patience.

Park it across the channel and wait. The autonomous vessel halts itself. It becomes a drifting, uncrewed asset in contested international waters with no master to assess the situation, no crew to resist boarding, and no legal framework capable of resolving what happens next.

The crewed vessel equivalent requires Iran to actually coerce a master into stopping. That is an internationally documented act with witnesses, a distress call, flag state obligations, and diplomatic consequences. Blocking an autonomous vessel generates legal ambiguity the existing framework cannot resolve, at essentially zero cost to the blocker.

UNCLOS Article 101 defines piracy as illegal acts of violence or detention committed for private ends, directed on the high seas against another ship or persons and property aboard. Commandeering an autonomous vessel via GPS spoofing or cyber attack creates immediate problems under this definition.

There are no persons aboard. The acts are directed against the vessel as property, arguably covered, but the two-ship requirement embedded in the piracy provisions was designed for physical boarding parties, not remote electronic attacks launched from shore infrastructure. The 1988 SUA Convention is more applicable: it covers unlawful seizure and exercise of control over ships without requiring a second vessel. But it too was designed for crewed vessels with masters who can be threatened or killed.

The UNCLOS sovereign immunity provisions (Articles 29, 32, 95, and 96) further complicate the picture. Article 29 defines warships as vessels “manned by a crew under regular armed forces discipline.” Two requirements that autonomous military vessels struggle to satisfy: “under the command of an officer” and “manned by a crew.” Legal scholars disagree on whether remote operators satisfy these requirements. The more pragmatic route, Article 96 immunity for government non-commercial vessels, is available, and the US asserted it successfully when China seized a US Navy UUV from USNS Bowditch in 2016. But Article 96 is a military backstop. Commercial autonomous vessels have no equivalent.

When the US responded to China’s 2016 UUV seizure, it invoked sovereign immunity and demanded return through diplomatic channels. When a commercial autonomous vessel is interfered with in international waters, the flag state has theoretical jurisdiction under Articles 92 and 94. But the practical reality, identified in a 2025 Journal of Transportation Security analysis, is that when the remote operations centre is located outside the flag state’s jurisdiction, “flag State jurisdiction is substantially limited to ships and their crew members, neither of which are present.” Legal scholars disagree on how far flag-state jurisdiction can extend over land-based remote operations centres located abroad; some argue existing UNCLOS structures offer more flexibility, but no court has resolved it.

There is no agreed international rule for what happens when a large autonomous vessel loses communications and drifts. The 1989 Salvage Convention assumes a vessel in danger that can respond to hails. At what point does an autonomous vessel become salvageable? If a vessel is “assisted” into a foreign port for “safe harbour,” what is the legal response? No court has been asked. No treaty addresses it.

The IMO MASS Code targets mandatory entry into force on January 1, 2032. Its scope covers operational safety and navigation. It is silent on security doctrine, explicitly so: military operations are outside IMO’s mandate. The IMO is not developing a security doctrine in parallel, and there is no international body that is.

The Shipowners’ Club launched the world’s first dedicated autonomous vessel P&I product in 2018. As of early 2026, industry reporting suggests on the order of 80 uncrewed craft covered under this product (focused on vessels under 24 metres), with limits up to $500 million on an all-risks basis, including cyber coverage.

Zero claims. Not because nothing has gone wrong, but because nothing has gone wrong yet at a meaningful scale. There is no actuarial basis for autonomous vessel risk pricing. No claims history. No data on how autonomous vessel incidents actually unfold, what causes them, or who is legally responsible when they do.

The International Group of P&I Clubs — the reinsurance collective that covers the majority of the world’s oceangoing tonnage — maintains an Autonomous Vessels Committee. No public position paper has emerged from it. No International Group product for autonomous vessels exists. For vessels over 24 metres, bespoke placement is required, and for commercial operators deploying large autonomous vessels in contested waters or high-risk theatres, even bespoke arrangements may not extend to state-backed cyber or kinetic interference. For most, the practical answer to “can you insure this?” is effectively no.

Lloyd’s of London added a further complication in March 2023, mandating that all syndicates exclude nation-state-backed cyberattacks from cyber insurance policies. State-sponsored GPS spoofing, the primary documented attack vector in Hormuz, attributed to Russian military operations in the Black Sea and Iranian IRGC operations in the Persian Gulf, falls squarely into this exclusion. An autonomous vessel spoofed into Iranian territorial waters by Iranian military GPS interference would be operating in a coverage gap.

The liability chain for an autonomous vessel incident remains legally unresolved in every major jurisdiction. The owner? The manufacturer? The software developer? The remote operator? The classification society that certified the system? The EU’s Revised Product Liability Directive (November 2024) explicitly brings software, including AI systems, within the definition of “product,” meaning software developers face direct liability exposure for the first time. No court has tested any of this. There is no precedent. There is no certainty.

Consider the specific scenario the Hormuz situation makes vivid: an autonomous tanker is GPS-spoofed by state-sponsored interference, navigates into Iranian territorial waters following the false signal, and is seized. The P&I insurer invokes the nation-state exclusion. The manufacturer’s lawyers invoke the development risk defence. The software developer points to the remote operator’s failure to maintain situational awareness. The flag state finds its enforcement mechanisms applying to crew who are not present on a vessel that is not in its waters.

Commercial operators bear this liability uncertainty alone. Defence autonomous vessels have sovereign immunity and government indemnification as structural protections. No equivalent exists for commercial operators. This is a structural asymmetry that early commercial autonomous operators inherit entirely.

This is where the Hormuz situation of early 2026 becomes analytically instructive beyond its immediate drama.

Norway banned its flagged vessels from Hormuz transits on March 12, 2026, a formal prohibition by the Norwegian Maritime Authority. India deployed two naval task forces to the Gulf of Oman and negotiated individual passage arrangements for its flagged vessels. The IMO convened an emergency session focused on approximately 20,000 stranded seafarers. CMA CGM and Hapag-Lloyd suspended transits citing crew safety. Every major response, diplomatic, regulatory, commercial, humanitarian, ran on a single fuel: crew safety.

Norway’s transit ban exists to protect seafarers. India’s diplomatic scramble was driven by 600+ Indian seafarers aboard vessels in the Gulf. The IMO emergency session was called because human beings were trapped in a contested chokepoint. The insurance market withdrawal was triggered by the risk of crew casualties.

Remove the crew and every one of these mechanisms loses its fuel.

A nation losing an autonomous vessel loses property, not lives. That changes the political calculus for continued transit of contested chokepoints in ways that are genuinely complex, not straightforwardly positive. Removing crew from tankers transiting Hormuz would eliminate the humanitarian pressure that forces transit bans, reduce P&I crew injury liability, and might eventually enable continued commercial operations through chokepoints currently closed to crewed vessels.

But autonomy does not reduce Iran’s leverage. It transforms it.

With crewed vessels, Iran’s leverage derives from crew safety: the threat of seizure, injury, or death that forces flag states to ban transits, insurers to withdraw coverage, and operators to reroute. That leverage is visible, documentable, and generates international pressure. Remove the crew, and Iran loses that lever. They gain a different one: the legal and operational vacuum around autonomous vessels in contested waters.

An autonomous tanker blocked by a vessel in its transit corridor stops itself. It cannot override collision avoidance to push through, cannot assess whether the obstruction is hostile or accidental, cannot radio the blocking vessel and negotiate. An autonomous tanker spoofed into Iranian territorial waters has no master to assert innocent passage rights, no crew to witness the interference, no distress signal to trigger international response. An autonomous tanker seized and towed into an Iranian port enters a legal grey zone that no treaty, no court, and no precedent has mapped.

The Saildrone incidents demonstrated the template in miniature. Iran seized three US Navy autonomous vessels across two incidents in five days. US crewed warships recovered them through radio negotiation and physical presence. That model, sovereign immunity plus naval escort, does not translate to commercial operations.

Autonomous vessels are not safer in Hormuz. They are differently vulnerable, in ways that current doctrine, insurance architecture, and international law are completely unprepared to handle.

Norway has the world’s most advanced autonomous vessel operational framework. In October 2025, Reach Remote 1 became the first vessel globally to receive a trading permit for operation entirely via remote control without a support vessel. Norway’s regulatory framework covers autonomous navigation in detail, addresses safety management comprehensively, and says almost nothing about security.

Singapore operates a Maritime Cybersecurity Operations Centre, a cyber-physical testbed for shipboard systems, and a Maritime Cybersecurity Scorecard with participation from over 30 companies. It has no standalone autonomous vessel security regulation.

The IMO MASS Code, targeting mandatory entry into force in January 2032, addresses operational safety, SAR obligations, environmental protection, and, following MSC 110 in June 2025, a commitment to developing separate cybersecurity guidance. Security doctrine is outside its scope.

NATO’s Baltic Sentry and Arctic Sentry operations are beginning to field autonomous systems in persistent surveillance roles and developing a doctrine for defending autonomous assets. That doctrine remains classified. Whatever the military has learned from Task Force 59, from the Saildrone seizures, from 55,000+ operating hours of autonomous platform experience in the CENTCOM AOR: none of it is available to commercial operators navigating the same threat environment.

This is the institutional gap. Not the technology gap.

The technology for autonomous commercial shipping is substantially here. Avikus has over 100 autonomous navigation installations on large commercial vessels. Ocean Infinity operates 14 lean-crewed offshore vessels. Japan has certified Level 4 autonomous passenger ferries in commercial service. The deployment is happening faster than the doctrine, the law, or the insurance products can follow.

What a functional security framework for autonomous vessels actually requires is not mysterious. Cybersecurity standards for autonomous vessel command systems that go beyond guidelines written for crewed ships. Incident response protocols that don’t assume a master can send a MAYDAY. Boarding and intervention rights for law enforcement encountering an autonomous vessel are currently a legal void in every jurisdiction. Liability allocation that doesn’t require decades of litigation to resolve. Distress signalling standards for unmanned platforms. And internationally agreed rules for what happens when an autonomous vessel loses communications, drifts into territorial waters, or is physically interfered with by state actors claiming navigational safety justifications.

None of this is being developed at the pace at which the deployment is happening. The IMO’s 2032 mandatory date is a navigation safety milestone, not a security solution. No international body is developing a public, comprehensive security doctrine for commercial autonomous vessels. The military knows things about this problem that it is not sharing with the commercial sector.

The procurement implications are concrete. Any autonomous vessel acquisition decision made today by a navy, a coast guard, a commercial operator, or a port authority is being made without a security doctrine to reference, without settled insurance products to rely on, and without legal clarity on what happens when things go wrong. Defence autonomous vessels have sovereign immunity and government backing as structural protections. Commercial operators have the Shipowners’ Club product for vessels under 24 metres, zero claims history, and a liability chain nobody has tested in court.

The window for proactive framework development is narrowing. The Saildrone incidents happened at low stakes: solar-powered surveillance drones carrying commercially available sensors in a military context where sovereign immunity applied. The next serious incident will happen at much higher stakes, with commercial operators, unresolved liability, and no doctrine to draw on.

The doctrine vacuum is not theoretical. It is operational, right now, in the waters where autonomous vessels are actually deployed.

Japan makes that concrete in a single image. The Mogami-class frigate, designed from the keel up around a crew of 90 with integrated OZZ-5 unmanned underwater vehicle and Umikaze USV capability, conducted the JMSDF’s first-ever live autonomous mine disposal in June 2025. Japan has operational autonomous MCM capability in its fleet right now. It also has 95% oil import dependency, 70% of which transits Hormuz. The Strait of Hormuz blockade was the textbook scenario Abe used to justify the 2015 collective self-defence legislation. On March 19, 2026, Prime Minister Takaichi sat in the Oval Office facing exactly that scenario and left Washington having made no commitment to naval deployment, because the legal framework still doesn’t permit it. The technology is not the constraint. The doctrine is.

Ambrey was built to solve the last version of this problem — protecting crew from boarding parties in the Gulf of Aden. Ocean Infinity acquired it because the next version of maritime security will be built around protecting autonomous systems from everything that boarding parties have become. That framework does not yet exist.

Whoever builds it first will matter enormously.

Australia just committed AU$3.9 billion to the Osborne shipyard as a down payment on the most expensive defence program in the country's history. The first SSN-AUKUS submarine arrives in the 2040s. Ghost Shark, at AU$1.7 billion for a fleet already in low-rate production, is operational now. The force multiplication math is uncomfortable. Is a crewed nuclear submarine still the right bet when autonomous systems are scaling faster than the procurement cycle that ordered them?

Since you have been, thanks for reading.

Cheers,

Mick

Ocean Tech Intelligence provides informational analysis only. Nothing in this publication constitutes financial, investment, legal, or strategic advice. Readers act on this content at their own risk. For full details see our Disclaimer.